CloudGen Access

To sync with LDAP/MSAD you need to configure some parameters according to the vendor you're using. Currently only MSAD is supported, but you can use other configurations using a custom profile. See also <a href="https://campus.barracuda.com/doc/96020068/" rel="nofollow noopener noreferrer" target="_blank">How to Install the CloudGen Access User Directory Connector</a>.

Example configuration parameters (config.json file) for an MSAD installation:

{
  enrollment_token="https://enterprise.fyde......", 
  ldap_host="192.168.1.169", 
  ldap_profile="ad", 
  ldap_user_search_base="ou=Users,ou=MyOrg,dc=myorg,dc=com", 
  ldap_group_search_base="ou=Groups,ou=MyOrg,dc=myorg,dc=com", 
  ldap_auth_method="simple", 
  ldap_auth_username="User Name", 
  ldap_auth_password="password"
}

The LDAP-specific parameters are listed in the tables below. See also <a href="https://campus.barracuda.com/doc/93201555/" rel="nofollow noopener noreferrer" target="_blank">General parameters.</a> Note that you only need prefix the key with "FYDE_"... and capitalize the rest if you are using an environment variable, but not with a configuration file or a Vx.

Sync With LDAP/MSAD

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Key	Default Value	Type	Description
ldap_host		string	LDAP server hostname/IP to connect to
ldap_port	389 or 636 (TLS)	string	LDAP server port to connect to
ldap_auth_method		string	Authentication methods: `anon` Anonymous `simple` User/password `sasl_external` `sasl_kerberos` `ntlm`
ldap_auth_username		string	Username for `simple` auth method
ldap_auth_password		string	Password for `simple` auth method
ldap_auth_sasl_credentials		string	SASL credentials for SASL auth method
ldap_use_starttls	true	bool	Use StartTLS for LDAP
ldap_use_tls	false	bool	Connect to LDAP using TLS
ldap_sni	false	string	Use SNI hostname when using TLS
ldap_privkey		string	Specify private key for TLS auth
ldap_privkey_password		string	Specify private key password for TLS auth
ldap_pubkey		string	Specify public key for TLS auth
ldap_cacerts		string	Specify CA trusted certs
ldap_check_certs	true	bool	Check if server certs are trusted or not
ldap_check_hostname	true	bool	Check hostname on the certificate
ldap_cert_additional_names		string	Specify additional valid hostnames

Key	Default Value	Type	Description
ldap_debug_detail_level	error	string	LDAP level debugging levels: Options: `off` `error` `basic` `protocol` `network` `extended`
ldap_profile	ad	string	Enables vendor specific configurations. Options: `ad` `custom`
ldap_connect_timeout	10	string	Connection timeout for the LDAP server (in seconds)
ldap_receive_timeout	60	string	Receive timeout
ldap_ignore_malformed_schema	false	bool	Ignore errors caused by malformed schemas
ldap_user_search_base		string	Search query to find user objects
ldap_user_class_filter		string	Search base to find user objects
ldap_user_search_scope	subtree	string	Scope to find user objects. Options: `subtree` `singlelevel`
ldap_user_uuid		string	Specify user UUID attribute
ldap_user_name		string	Attribute to get user name from
ldap_user_phone		string	Attribute to get user phone from
ldap_user_email		string	Attribute to get user email from
ldap_user_disabled_filter		string	Attribute to get user disabled state from
ldap_user_modified		string	Attribute to check user for last modification
ldap_user_deleted_filter		string	Search query to find deleted users
ldap_user_deleted_controls		string	Control OID for user deleted
ldap_group_search_base		string	Search query to find group objects
ldap_group_class_filter		string	Search base to find group objects
ldap_group_search_scope	subtree	string	Scope to find group objects. Options: `subtree` `singlelevel`
ldap_group_uuid		string	Specify group UUID attribute
ldap_group_name		string	Attribute to get group name from
ldap_group_modified		string	Attribute to check group for last modification
ldap_group_deleted_filter		string	Search query to find deleted groups
ldap_group_deleted_controls		string	Control OID for group deleted
ldap_membership_object	group	string	Scope to find group objects. Options: `user` `group`
ldap_membership_attribute		string	LDA membership attribute

Sync With LDAP/MSAD

MSAD

Configuration Parameters

Basic Connection And Auth

More Advanced Options